November 18th, 2011. The OpenNebula project announces the general availability of the first pre-release of OpenNebula 3.2. With this release we make our debut with a new development cycle that aims at rapidly delivering new features to the community and faster react to their needs and feedback.

The pre-release series are not suitable for production environments as you may find some rough edges. However the packages have gone through the standard testing procedure made for final releases so you should consider them stable.

With this release we also wanted to celebrate our 4th birthday. Happy testing everybody!

What's New in OpenNebula 3.1.0

OpenNebula Core

Most of the changes in the new release have been done in the OpenNebula core (oned) and libraries to support the following new features:

Security and User management, is one of the pillars of the next release. In particular several potential threats have been secured, and the efficiency of the system has been improved:

Users now have a pre-defined driver (set by the admin). One of the issues found is that there are potential security holes if the user is able to choose its own driver through its ONE_AUTH file.

Cloud services now uses an special authentication mechanism, using special server users.A server user account is granted to authenticate on-behalf of other users. Two mechanism are provided for this: cipher that uses symmetric cryptography, and x509 certificates.

Notion of public users, that are restricted to public cloud APIs (e.g. EC2 or OCCI)

Restricted attributes in VM Templates: DISK/SOURCE, CONTEXT/FILES, NIC/MAC and NIC/VLAN_ID. These attributes can be easily used to gain oneadmin access or to comprise VMs of any user.

Authentication Token caching. As some of the drivers may take some time to authenticate a request (e.g. LDAP), session token can no be cached by OpenNebula.

Images and Virtual Networks by name, by popular request we've brought back these feature. When two resources share the same name, the UID or name of the owner of the resource can be used (defaults to “me”) to select one of them.

Metadata for Users, Images and Virtual Networks, you can update, and tag these resources with arbitrary metadata, that can be later used by other components.

Contextualize a VM with User data, now you can easily inject user metadata (e.g. an SSH key) in a VM through the CONTEXT section.

Image Type can be changed, either after creating a VM or when saving_as it.

SunStone

We've further improved the usability of SunStone, and extend it to catch up with OpenNebula core's new features. Also some of the dialogs has been simplified and polished

OpenNebula Zones and VDCs

OpenNebula Zones is rapidly gaining popularity, and there are a couple of new features result of the feedback we've received:

ZONA, the ZONes Api, This Ruby API will let you build your own customizations on top of the Zones/VDC component.

Improved dialogs for the web gui of the component.

Improved security for storing zone passwords

Migrating from OpenNebula 3.0

OpenNebula 3.2 is API compatible with OpenNebula 3.0, so you should expect that applications, and drivers developed for 3.0 to work with this release, with the exception of custom authentication drivers. A detailed upgrade process upgrade can be found in the documentation.

For a complete set of changes to migrate from a 3.0 installation please refer to the Compatibility Guide. You should also read this document if you are an OpenNebula 3.0 user.